Bugtraq mailing list archives
New Win95 OOB fix allows Netbios to be used
From: aaronw () POBOX COM (Aaron Weintraub)
Date: Mon, 12 May 1997 15:50:36 -0400
-- readme.txt May 12, 1997 2pm EDT NOTE: WORKS ON WINDOWS 95 ONLY. DO NOT APPLY TO WINDOWS NT This is the latest and best(?) fix for the Windows 95 OOB hole that allows anyone to crash your machine. This fix works on all releases of Windows 95 (950/950a and 950b/OSR2). This patch *does* allow Netbios to work as it usually does (e.g. LAN f/p sharing) Simply double click on the .reg file included in this zip and reboot. You may then undo whatever temporary fix you have done. To undo it, you must use regedit to remove the BSDUrgent key entirely. Please let either one of us know of any troubles. Here is a direct quote from my source (for win95) http://www.microsoft.com/kb/articles/q158/4/74.htm Hkey_Local_Machine\System\CurrentControlSet\Services\VxD\MSTCP BSDUrgent = 0 or 1 If this value is 1, specifies that Microsoft TCP/IP is to treat urgent data the way some UNIX systems do (with a maximum of 1 byte of urgent data, for example). If this value is 0, it specifies that the stack is to handle urgent data as specified by RFC 1122. The default is 1. --Note: I do not know what else this will break. I have tried several apps on my machine and they all appear to be unaffected. Aaron Weintraub aaronw () pobox com Skream skream () coca net http://www.mydesktop.com/ for the latest in breaking news. ---- fix_oob.reg REGEDIT4 [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP] "BSDUrgent"="0"
Current thread:
- Linux UID/GID 'Feature' David Phillips (May 10)
- Re: Linux UID/GID 'Feature' Steve \ (May 11)
- Re: Linux UID/GID 'Feature' Ariel Biener (May 11)
- Yet another WinNuke page. Nobody (May 11)
- Re: Linux UID/GID 'Feature' Jim Trocki (May 11)
- Re: Linux UID/GID 'Feature' Jon Lewis (May 11)
- more DoS fun Ghent (May 11)
- Re: Linux UID/GID 'Feature' Andrew G. Morgan (May 11)
- sendmail 8.8.6 Beta release available Jason R Mastaler (May 11)
- New Win95 OOB fix allows Netbios to be used Aaron Weintraub (May 12)
- UPDATE TO OOB FIX Aaron Weintraub (May 12)
- Re: New Win95 OOB fix allows Netbios to be used Ian MacPhedran (May 13)
- UPDATE TO OOB FIX Wojciech Swieboda (May 13)
- Re: ELM overflow security () home bti pl (May 14)
- Re: ELM overflow Michel GAUDET (May 16)
- potential root exploit with help from sam (HP-UX 10.x) David Hyams (May 14)
- Re: potential root exploit with help from sam (HP-UX 10.x) Trevor Schroeder (May 14)
- Sun Security Bulletin #00140 Sun Security Coordination Team (May 14)
- Non-executable stack -- final Linux kernel patch Solar Designer (May 14)
- NT4.0 SP3 Still vulnerable Aaron Spangler (May 15)